Sertis is a leading Data and AI company based in the heart of Bangkok. We provide both off-the-shelf and customised solutions for our clients ranging from data infrastructure, BI development, and data-driven business insights to forecasting, optimization, and computer vision. Our expert team of data and AI consultants work closely with clients, across different industries such as retail, manufacturing, banking, energy, airlines, agriculture, and healthcare, to understand their business needs and deliver bespoke solutions using cutting-edge technologies that are just right for them.
Our aim is to be one of the leading Data and AI companies globally, where a diverse mix of talent want to come, stay, and do their best work. We pride ourselves on bringing not only the best, but also nice, talent from around the World. We recognise that our company runs on our people's hard work and dedication while maintaining a culture that encourages learning, growth opportunity, innovative contribution, and a sense of ownership.
For more information, please visit: https://www.sertiscorp.com/
About the Job
Our IT Security Control and IT Risk Management Specialist will be responsible for implementing the internal security control and risk assessment framework to ensure the integrity of our information assets. You will be responsible for planning, implementing, and managing our Information Security Management System (ISMS) in alignment with ISO 27001 standards. The primary goal of this position is to safeguard our sensitive data, protect against security threats, and promote a culture of security awareness within the organization.
What are the responsibilities of an IT Security Control and IT Risk Management Specialist?
In this role, you will get to:
- Conduct BIA (Business Impact Analysis) with regards to IT Security and Risk Assessment as part of the business continuity plan.
- Lead the implementation of ISO27001 standards that includes risk assessment, security policy development, and control implementation.
- Develop and maintain a risk management plan by identifying information security risks, vulnerabilities, and threats
- Create regulatory guidelines about Information Security for each of our tech and non-tech teams.
- Conduct security awareness training manuals and workshops for our employees to promote a culture of security.
- Prepare for and manage internal and external audits to assess compliance with ISO 27001 standards.
- Maintain accurate and up-to-date records and documentation related to ISO 27001 compliance.
- Evaluate the security posture of our third-party vendors and partners that have access to our data.
Requirements for this role are:
- A university or bachelor degree in relevant domain to Information Security
- 3 to 5 years of hands-on experience in Information Security Management System in a professional services firm
- Proven experience in implementing the ISO27001 standards within an organization
- The ability to think like a ‘bad guy’ or anticipate what hackers might try, and to identify weak points in system defenses
- General skills range from soft skills to technical skills such as penetration testing, hardware/ IoT security, network security, identity and access management, etc.
Who excels in this role?
- Someone who loves getting things done!
- Open-minded - eager to ask for comments/suggestions for improvement
- Passionate for anything and everything data
- Able to share and suggest ideas
- Love doing tons of research
- Have a can-do and will-do attitude!
- Ready to tackle any challenges
What are some of the benefits of working at Sertis?
- Hybrid working environment
- Up early or slow starter in the morning? We have flexible office hours
- Mentorship programs for every level; from executive-level coaching to fresh grad
- Learning support- to help you build your skillset and grow your career
- Get to work and learn from the best in the industry, and share your ideas with like-minded individuals
- We cultivate intelligence and learning so that our experts can become community leaders in their respected fields in the tech industry
- Amazing colleagues to enjoy company social outings, parties, and events
- Result-oriented workplace; We provide direction, not orders and give you the autonomy to deliver your best work
- We work at the frontier of innovation in the AI industry
- Work on meaningful solutions that solve and improve real-life problems and challenges
- We run like a startup, and embrace the adventure; we focus on getting things done, while still having a down-to-earth and informal culture
This is your chance to build your career in a growing data-driven industry.
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided